CSCE 790: Computer Network Security
CSCE 515: Computer Network Programming
Chin-Tser Huang
[email protected]
University of South Carolina
Layer 7: Application
[Figure: OSI seven-layer stack: Application, Presentation, Session, Transport, Network, Data link, Physical]
Each Layer 7 protocol specifies how one particular application uses a network.
Each protocol specifies how an application on one machine makes a request and how the application on another machine responds.
1/15/2004
(C) 2004 Chin-Tser Huang
2
Layer 6: Presentation
[Figure: OSI seven-layer stack]
Layer 6 protocols specify how to represent data. They are used to translate from the representation on one computer to the representation on another computer.
Layer 5: Session
[Figure: OSI seven-layer stack]
Layer 5 protocols specify how to establish a communication session with a remote system, including specifications for security details such as authentication using passwords.
Layer 4: Transport
[Figure: OSI seven-layer stack]
Layer 4 protocols specify how to provide reliable data transfer for different applications.
Layer 3: Network
[Figure: OSI seven-layer stack]
Layer 3 protocols specify how addresses are assigned and how packets are forwarded between networks.
Layer 2: Data Link
[Figure: OSI seven-layer stack]
Layer 2 protocols specify how to organize data into frames and how to transmit frames over a network.
Layer 1: Physical
[Figure: OSI seven-layer stack]
Layer 1 protocols specify details of interacting with network hardware.
Origin of Internet
In the 60's, the US DoD funded ARPANET for testing new network technologies.
ARPANET was later extended to the Internet.
The protocol suite used with the Internet is Transmission Control Protocol/Internet Protocol (TCP/IP).
TCP/IP Model in Internet
OSI model      TCP/IP model
Application    Application
Presentation   Application
Session        Application
Transport      Transport
Network        Network
Data link      Link
Physical       Link
Transport Layer
Protocols: TCP, UDP
TCP provides a reliable flow of data between two hosts, including mechanisms for connection setup, congestion control, and retransmission.
UDP provides a simpler service which is unreliable.
Client-Server Model
Assume one side of the communication is the client, and the other side is the server.
The server waits for a client request to arrive.
The server processes the client request and sends the response back to the client.
Iterative or concurrent
Port Number
TCP and UDP identify applications by 16-bit port numbers.
Some servers are assigned well-known port numbers.
For example, ftp is port 21 and telnet is port 23.
Clients usually use ephemeral port numbers between 1024 and 5000.
Network Layer
Protocols: IP, ICMP, IGMP
Assign addresses to hosts on the Internet
Determine how to forward messages over the Internet
Internet Address
Every interface on the Internet has a unique address.
In IPv4 every address is 32-bit, while in IPv6 every address is 128-bit.
Usually specified with dotted-decimal notation: written as 4 decimal numbers, one for each byte.
hadar.cse.sc.edu: 129.252.130.109
Classes of Network
Every network belongs to one of five classes, based on the first byte in its address.
Class A: 0    | netid (7 bits)  | hostid (24 bits)
Class B: 10   | netid (14 bits) | hostid (16 bits)
Class C: 110  | netid (21 bits) | hostid (8 bits)
Class D: 1110 | multicast group ID (28 bits)
Class E: 1111 | reserved
Ranges for Different Classes
Class A: 0.0.0.0 to 127.255.255.255
Class B: 128.0.0.0 to 191.255.255.255
Class C: 192.0.0.0 to 223.255.255.255
Class D: 224.0.0.0 to 239.255.255.255
Class E: 240.0.0.0 to 255.255.255.255
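An added Python example (not from the slides) that ties the two class slides together: the class is read from the leading bits of the first byte, the netid/hostid split uses the bit widths from the class layout, and the address ranges above are derived from the same prefix bits rather than typed in. The address of hadar.cse.sc.edu is the one given earlier; the other test addresses are constructed.

```python
# Added example (not course code): classful IPv4 addressing as the slides lay it out.
# Class comes from the leading bits of the first byte; field widths follow from the class.
CLASS_PREFIX = {            # class -> (leading bit pattern, number of prefix bits)
    "A": (0b0, 1), "B": (0b10, 2), "C": (0b110, 3), "D": (0b1110, 4), "E": (0b1111, 4),
}
NETID_BITS = {"A": 7, "B": 14, "C": 21}   # netid width after the prefix bits (D, E have none)

def parse_dotted_decimal(text: str) -> int:
    """Turn 'a.b.c.d' into a 32-bit integer, rejecting anything that is not four bytes."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four dotted fields: {text!r}")
    value = 0
    for part in parts:
        # isascii()+isdigit() rejects '', signs, spaces and non-ASCII digits before int()
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"byte out of range in {text!r}")
        value = (value << 8) | int(part)
    return value

def format_dotted_decimal(addr: int) -> str:
    return ".".join(str((addr >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def address_class(addr: int) -> str:
    """Match the leading bits; the patterns are prefix-free, so exactly one class matches."""
    for cls, (pattern, nbits) in CLASS_PREFIX.items():
        if addr >> (32 - nbits) == pattern:
            return cls
    raise ValueError("unreachable: every 32-bit value matches one class")

def class_range(cls: str) -> tuple:
    """Lowest and highest address whose leading bits match the class pattern."""
    pattern, nbits = CLASS_PREFIX[cls]
    low = pattern << (32 - nbits)
    high = low | ((1 << (32 - nbits)) - 1)
    return format_dotted_decimal(low), format_dotted_decimal(high)

def split_address(text: str) -> dict:
    """Class plus netid/hostid (A-C) or multicast group id (D) of a dotted-decimal address."""
    addr = parse_dotted_decimal(text)
    cls = address_class(addr)
    if cls in NETID_BITS:
        host_bits = 32 - CLASS_PREFIX[cls][1] - NETID_BITS[cls]
        return {"class": cls, "netid": (addr >> host_bits) & ((1 << NETID_BITS[cls]) - 1),
                "hostid": addr & ((1 << host_bits) - 1)}
    if cls == "D":
        return {"class": cls, "group_id": addr & ((1 << 28) - 1)}
    return {"class": cls}   # class E: reserved, no further structure
```

Running class_range over "A" to "E" reproduces the five ranges on this slide, which shows they are nothing more than the prefix bits with the remaining bits all zero and all one.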
Domain Name System (DNS)
Dotted-decimal addresses are both hard to remember and meaningless.
Use a structured name for each host.
For example, hadar.cse.sc.edu
DNS is a distributed database providing the mapping between IP addresses and hostnames.
Header Encapsulation
An application sends messages down the protocol stack.
Each layer adds information to a message by prepending an extra header.
Header Encapsulation
[Figure: headers prepended as a message moves down the stack]
Application:     user data
Transport layer: transport header | user data
Network layer:   network header | transport header | user data
Link layer:      link header | network header | transport header | user data
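An added Python example, not from the slides, of the encapsulation just pictured: a UDP payload gains a transport, a network and a link header on the way down, and the receiver strips and checks exactly one header per layer on the way up. The header layouts are the real UDP, IPv4 (no options) and Ethernet II formats; every address, port and payload used in the tests is constructed.

```python
# Added example (not course code): one message wrapped in UDP, IPv4 and Ethernet headers.
import struct

def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum of 16-bit words (even length assumed)."""
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def add_transport_header(payload: bytes, sport: int, dport: int) -> bytes:
    # UDP: src port, dst port, length (header + data), checksum 0 = absent (legal on IPv4)
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload

def add_network_header(segment: bytes, src: bytes, dst: bytes) -> bytes:
    # IPv4: ver/IHL, TOS, total len, id, flags/frag, TTL, proto 17 = UDP, checksum, src, dst
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 17, 0, src, dst)
    hdr = hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]
    return hdr + segment

def add_link_header(packet: bytes, src_mac: bytes, dst_mac: bytes) -> bytes:
    # Ethernet II: dst MAC, src MAC, EtherType 0x0800 = IPv4
    return struct.pack("!6s6sH", dst_mac, src_mac, 0x0800) + packet

def encapsulate(payload, sport, dport, src_ip, dst_ip, src_mac, dst_mac) -> bytes:
    """Send path: each layer prepends its own header to what the layer above passed down."""
    segment = add_transport_header(payload, sport, dport)
    packet = add_network_header(segment, src_ip, dst_ip)
    return add_link_header(packet, src_mac, dst_mac)

def decapsulate(frame: bytes) -> dict:
    """Receive path: each layer checks and strips only its own header, then hands the rest up."""
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    if internet_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len, proto = struct.unpack("!H", packet[2:4])[0], packet[9]
    if total_len > len(packet) or proto != 17:
        raise ValueError("truncated packet or not UDP")
    segment = packet[ihl:total_len]   # trust the IP length field: frames may carry padding
    sport, dport, ulen, _ = struct.unpack("!HHHH", segment[:8])
    if ulen != len(segment):
        raise ValueError("UDP length disagrees with IPv4 total length")
    return {"src_ip": packet[12:16], "dst_ip": packet[16:20],
            "sport": sport, "dport": dport, "payload": segment[8:]}
```

The receive side illustrates a habit worth keeping in any parser of layered headers: each length field is cross-checked against the enclosing layer before the inner data is trusted.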
Application Programming Interface (API)
A set of operations available to an application programmer
Two popular APIs:
Sockets, developed at Berkeley
X/Open Transport Interface (XTI), developed by AT&T
We will focus on sockets.
What Is a Socket?
An API between applications and the network protocol software provided by the OS
Provides the following functions:
Define an abstract endpoint for communication
Initiate and accept a connection
Send and receive data
Terminate a connection gracefully
Elements of a Socket
Each socket can be uniquely identified by:
Source IP address
Source port number
Destination IP address
Destination port number
An end-to-end protocol (TCP or UDP)
Types of Sockets
Two different types of sockets:
Stream sockets
Datagram sockets
Stream Sockets
Also known as connection-oriented sockets
Use TCP
Provide a reliable, connected networking service
Error free; no out-of-order packets
Applications: telnet, ssh, http
Datagram Sockets
Also known as connectionless sockets
Use UDP
Provide an unreliable, best-effort networking service
Packets may be lost; may arrive out of order
Applications: streaming audio/video
Next Class
Socket programming in Java
Read JNP Ch. 14, 16